Bug 461845 - Clamav out dated
Summary: Clamav out dated
Keywords:
Status: CLOSED DUPLICATE of bug 579370
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: clamav
Version: el5
Hardware: All
OS: Linux
medium
urgent
Target Milestone: ---
Assignee: Steven Pritchard
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: UpdatePackage
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-09-10 21:40 UTC by Darrick Hartman
Modified: 2010-09-15 07:45 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 522157 (view as bug list)
Environment:
Last Closed: 2010-09-15 07:45:50 UTC


Attachments (Terms of Use)

Description Darrick Hartman 2008-09-10 21:40:09 UTC
Clamav 0.93.X has a security flaw which was addressed by the 0.94 release as noted on the Clamav website  http://www.clamav.net

Please upgrade the package to 0.94

Comment 1 Elia Pinto 2009-09-09 14:42:17 UTC
Probably SELINUX targeted policy, and Selinux Memory check, mitigate this
but it necessary to upgrade anyway.
 -------------------------------------------------------------------
    Package               /  Vulnerable  /                 Unaffected
   -------------------------------------------------------------------
    clamav    < 0.95.2                      >= 0.95.2

Description
===========

Multiple vulnerabilities have been found in ClamAV:

* The vendor reported a Divide-by-zero error in the PE ("Portable
 Executable"; Windows .exe) file handling of ClamAV (CVE-2008-6680).

* Jeffrey Thomas Peckham found a flaw in libclamav/untar.c, possibly
 resulting in an infinite loop when processing TAR archives in clamd
 and clamscan (CVE-2009-1270).

* Martin Olsen reported a vulnerability in the CLI_ISCONTAINED macro
 in libclamav/others.h, when processing UPack archives
 (CVE-2009-1371).

* Nigel disclosed a stack-based buffer overflow in the
 "cli_url_canon()" function in libclamav/phishcheck.c when processing
 URLs (CVE-2009-1372).

Impact
======

A remote attacker could entice a user or automated system to process a
specially crafted UPack archive or a file containing a specially
crafted URL, possibly resulting in the remote execution of arbitrary
code with the privileges of the user running the application, or a
Denial of Service. Furthermore, a remote attacker could cause a Denial
of Service by supplying a specially crafted TAR archive or PE
executable to a Clam AntiVirus instance.

Comment 2 Edward Rudd 2009-11-07 16:15:48 UTC
superseded by #532695??

Comment 3 Łukasz Trąbiński 2010-04-16 08:28:12 UTC
oceanic:/etc# freshclam 
ClamAV update process started at Fri Apr 16 10:27:29 2010
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.95.3 Recommended version: 0.96
DON'T PANIC! Read http://www.clamav.net/support/faq
Connecting via w3cache.wsisiz.edu.pl
Downloading main-52.cdiff [100%]
main.cld updated (version: 52, sigs: 704727, f-level: 44, builder: sven)
Connecting via w3cache.wsisiz.edu.pl
WARNING: getfile: daily-9956.cdiff not found on remote server (IP: 213.135.44.126)
WARNING: getpatch: Can't download daily-9956.cdiff from database.clamav.net
WARNING: getfile: daily-9956.cdiff not found on remote server (IP: 213.135.44.126)
WARNING: getpatch: Can't download daily-9956.cdiff from database.clamav.net
WARNING: getfile: daily-9956.cdiff not found on remote server (IP: 213.135.44.126)
WARNING: getpatch: Can't download daily-9956.cdiff from database.clamav.net
WARNING: getfile: daily-9956.cdiff not found on remote server (IP: 213.135.44.126)
WARNING: getpatch: Can't download daily-9956.cdiff from database.clamav.net
WARNING: getfile: daily-9956.cdiff not found on remote server (IP: 213.135.44.126)
WARNING: getpatch: Can't download daily-9956.cdiff from database.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
Downloading daily.cvd [100%]
daily.cvd updated (version: 10751, sigs: 52057, f-level: 51, builder: guitar)
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 44, recommended = 51
DON'T PANIC! Read http://www.clamav.net/support/faq
Database updated (756784 signatures) from database.clamav.net

Comment 4 Mark Chappell 2010-09-15 07:45:50 UTC

*** This bug has been marked as a duplicate of bug 579370 ***


Note You need to log in before you can comment on or make changes to this bug.